On May 19, 2026, Saudi Arabia's Standards, Metrology and Quality Organization published SASO 3114:2026, a new technical standard for specific ICT equipment that replaces the eleven-year-old SASO CITC GEN-002. The transition window is short: certificates issued under the old standard remain usable only until October 31, 2026, and the last shipment certificates tied to GEN-002 stop being valid on March 31, 2027. Any company selling mobile phones, routers, customer premises equipment or Wi-Fi distribution devices into the Kingdom now has a hard deadline to requalify its technical files.

That single update is a useful entry point into a region where four separate national regimes, Saudi Arabia, the United Arab Emirates, Qatar and Israel, each run their own type approval process for radio and telecom equipment, with no RED-style mutual recognition binding them together. A device cleared for the EU or the US still needs a fresh national approval in each Gulf market and in Israel before it can legally be imported, sold or even carried across a border for demonstration.

Which regulators actually control RF and electrical equipment market access in the Middle East?

Four authorities, not one regional body, hold the approval pen. In Saudi Arabia, the Communications, Space and Technology Commission (CST, formerly CITC) issues type approval for anything that transmits a signal, from smartphones to two-way radios, while the Saudi Standards, Metrology and Quality Organization (SASO) runs the parallel SABER platform for general product conformity, including the new SASO 3114:2026 for specific ICT equipment. In the UAE, the Telecommunications and Digital Government Regulatory Authority (TDRA) issues Type Approval for Radio and Telecommunications Terminal Equipment (RTTE) under a regime last consolidated in the Telecommunications Equipment Type Approval Regime, while the Ministry of Industry and Advanced Technology (MoIAT) separately runs the Emirates Conformity Assessment Scheme (ECAS) for electrical safety, RoHS and energy efficiency labelling. Qatar's Communications Regulatory Authority (CRA) type approves RTTE through its e-Spectrum Services Portal under the 2009 Type Approval Policy. Israel splits the work between the Ministry of Communications (MoC), which certifies the radio side, and the Standards Institution of Israel (SII), which certifies electrical safety and EMC separately.

None of these four regimes recognizes another's certificate. A product already carrying CE marking under the EU Radio Equipment Directive or an FCC ID still needs its own CST type approval to enter Saudi Arabia, its own TDRA type approval to enter the UAE, and so on. Keeping a live map of which certificate covers which country, and which one is expiring, is exactly the kind of per-jurisdiction tracking Obsidian's regulatory monitoring is built to automate instead of leaving it to a shared spreadsheet.

What does Saudi Arabia's SASO 3114:2026 actually change for ICT manufacturers?

It replaces a single generic circular with a detailed, product-by-product technical rulebook. SASO CITC GEN-002 gave broad requirements for ICT devices; SASO 3114:2026, titled "Requirements for Specific ICT Equipment," now sets out concrete technical obligations by category: mobile phones, tablets and mobile computers, mobile routers and customer premises equipment (CPE), other cellular-enabled devices, optical network terminals and home access gateways, and Wi-Fi distribution devices. The obligations are specific enough to affect firmware and radio design, not just paperwork: smartphones must support Advanced Mobile Location for emergency calls and be tested against ETSI TR 103 393, mobile phones must support Cell Broadcast Service for emergency alerts, other cellular devices must support LTE, LTE-M or NB-IoT on bands B3, B8, B20 and B28, and Wi-Fi distribution equipment must support Wi-Fi 7 (IEEE 802.11be) on every supported band.

The grace period runs until October 31, 2026. After that date, CST and SASO will not issue new Product Certificates of Conformity, Certificates of Conformity for Shipment, or Shipment Certificates of Conformity for in-scope products unless they meet SASO 3114:2026. Certificates already issued under GEN-002 keep working until March 31, 2027, but not a day longer. A company still qualifying its 2027 product line against the old GEN-002 checklist is qualifying against a standard that will not exist in six months.

How is the UAE's dual TDRA and MOIAT structure different from Saudi Arabia's single-agency model?

The UAE splits radio approval from electrical and energy-efficiency approval across two separate ministries, each with its own registration, its own certificate, and its own renewal clock. TDRA Type Approval covers Radio and Telecommunications Terminal Equipment: any device that connects to a public network or contains an intentional radio transmitter must be registered by TDRA before it can be used, sold or distributed, with the equipment certificate valid for three years and a separate dealer registration valid for five years. Every individual shipment additionally needs its own Customs Release Permit tied to that Type Approval certificate, the Air Waybill and the commercial invoice, a step manufacturers accustomed to single-certificate regimes routinely miss.

Electrical safety and energy labelling run through a different door. MoIAT's Emirates Conformity Assessment Scheme (ECAS) covers low voltage electrical equipment, RoHS compliance and Energy Efficiency Standards Labelling, and requires a UAE-registered Local Authorized Representative to submit test reports from an accredited laboratory before an ECAS Certificate of Conformity is issued. That certificate is valid for one year and needs annual renewal, a materially shorter cycle than the three-year TDRA radio certificate covering the same physical product. A router with a built-in radio therefore needs a TDRA Type Approval for the radio function and a separate, annually renewed ECAS certificate for its power supply and energy label, two clocks ticking on two different schedules for one SKU.

What happens if a company skips type approval and ships anyway?

The consequences escalate from customs friction to criminal exposure, and Saudi Arabia's framework shows the ceiling clearly. Under Article 89 of the Kingdom's Telecommunications and Information Technology Law, no person may manufacture, import, distribute, rent, sell or offer for sale telecommunications or IT devices unless CST has approved them, and Article 27's penalty schedule allows a fine of up to SAR 25,000,000 per violation, alongside service suspension and the right to bar a company from renewing its license. Shipping without the prerequisite CST clearance is treated as smuggling: goods are held at port, and importers face confiscation, destruction, blacklisting and potential criminal prosecution of the local agent.

Israel's enforcement runs on a narrower but still real set of levers. The Ministry of Communications, acting under the Wireless Telegraph Ordinance, can revoke a license or authorisation, confiscate infringing devices outright, and impose administrative sanctions or criminal penalties including imprisonment for unauthorised spectrum use. Because Israel's approval regime is importer-based, meaning only a locally registered entity can hold the MoC certificate, a foreign manufacturer has no direct route to compliance without a local partner already holding valid authorisation, which makes an expired or missing local registration a single point of failure for an entire product line.

JurisdictionRadio/RTTE authorityElectrical/safety authorityTypical certificate validity
Saudi ArabiaCST (type approval)SASO (SABER platform, incl. SASO 3114:2026)1 year (CST)
United Arab EmiratesTDRA (Type Approval, RTTE)MoIAT (ECAS)3 years (TDRA) / 1 year (ECAS)
QatarCRA (e-Spectrum Type Approval)CRA (same authority)Permanent, absent hardware changes
IsraelMinistry of Communications (MoC)Standards Institution of Israel (SII)Typically 24 months (MoC)

Does the Gulf Cooperation Council offer any shortcut across its member states?

Only for non-radio electrical safety, and even then with real limits. The Gulf Standardization Organization (GSO) issues the Gulf Conformity Mark (G-Mark) for categories covered by its harmonized technical regulations, including the Low Voltage Electrical Equipment and Appliances regulation (BD-142004-01), which references IEC 62368-1 for audio, video, IT and communication equipment safety and the CISPR 32 and IEC 61000-4 series for electromagnetic compatibility. A product certified once under G-Mark by a GSO-recognised notified body can, in principle, be presented across the GSO's member states, Saudi Arabia, the UAE, Bahrain, Kuwait, Oman, Qatar and Yemen, without a fresh technical assessment, and CB Scheme test reports issued under the IECEE system are generally accepted as the technical basis.

Radio approval sits outside that harmonization entirely. G-Mark covers electrical safety and non-radio EMC, not spectrum access or radio type approval, which is why CST, TDRA and CRA each still run their own independent RTTE certification even though all three countries are GSO members. A manufacturer that treats a G-Mark certificate as covering the radio side of a product, rather than only its electrical safety, will still be blocked at customs for the missing national type approval.

What should a compliance team do in the next few months given these overlapping clocks?

Start by sorting every SKU sold into Saudi Arabia by whether it falls inside SASO 3114:2026's named categories, mobile phones, tablets, mobile computers, routers, CPE, ONT/HAG devices or Wi-Fi distribution equipment, since those are the products that lose their certification pathway on November 1, 2026 if untested against the new standard. In parallel, check every UAE-bound product for both a live TDRA Type Approval and a current, separately renewed ECAS certificate, since the two run on different validity periods and either lapsing independently blocks customs release. For Israel, confirm the local importer of record still holds an active MoC registration before committing to a shipment date, since the certificate belongs to the importer, not the manufacturer.

Obsidian tracks CST, SASO, TDRA, MoIAT, Qatar's CRA and Israel's MoC as linked tier-0 sources for the radio, telecom and electrical equipment vertical, with alerts when a standard like SASO 3114:2026 replaces its predecessor or a grace period is about to close. Ask Obsidian's AI companion which of your certificates expire before a given deadline instead of rebuilding that answer from four separate regulator portals, or explore the plans built for product-compliance teams tracking exactly this kind of multi-jurisdiction clock. For teams that already run compliance workflows through an AI assistant, the same verified data is reachable directly through Obsidian's MCP.